Intelligent CISO Issue 84 | Page 49

David Morimanno, Director of Identity and Access Management Technologies at Xalient
The role of the CISO is evolving to meet an increasingly complex cybersecurity landscape. While technological advancements such as AI and automation present new opportunities for defence, they also introduce novel risks. To ensure comprehensive cybersecurity, CISOs must balance technological innovation with effective human-centric strategies, while addressing the rise of Non-Human Identities (NHIs).
The expansion of digital ecosystems – cloud infrastructures, IoT and interconnected systems – has dramatically broadened the attack surface. Traditional perimeter-based security models are no longer adequate in this landscape. Organisations instead need a zero-trust approach that secures identities, data and behaviour across the organisation. However, threats evolve as technology evolves. AI and Machine Learning (ML) are transforming attacks, making it essential for CISOs to leverage these technologies for proactive defence and threat detection.
NHIs – automated bots, machine accounts and AI-powered systems – add another layer of complexity. As organisations increasingly adopt AI-driven solutions, managing the security of these identities becomes paramount. Left uncontrolled, NHIs can become an entry point for malicious actors. Securing machine identities, managing access and controlling automated actions are essential steps in mitigating potential risks. Effective identity governance for these NHIs must be integrated into security strategies to ensure they are not exploited by attackers.
The human factor continues to present significant risks. Human error, whether through phishing attacks or weak passwords, remains a leading cause of breaches. Technology alone cannot mitigate these risks; CISOs must focus on fostering a security-conscious culture throughout the organisation. Continuous training, real-time threat awareness and behaviour-driven security strategies must be prioritised to reduce human vulnerabilities.
The human factor also plays a pivotal role in how to leverage AI and automation in security. While these technologies can increase efficiency, they require careful management to ensure that they don’t introduce new risks due to misuse or overreliance on automated processes. Engaging employees and leadership to understand the capabilities and limitations of AI and automation is vital.
The future of cybersecurity in 2025 hinges on the ability to balance technologies like AI with a deep understanding of the human factor and the rising complexities of NHIs. The CISO’s role is to leverage AI and automation to enhance defence, but to also ensure comprehensive control over NHIs, safeguard against human errors, and create a culture where security is ingrained in every employee’s actions. Through this, CISOs can build a resilient security posture that prepares organisations for current and emerging threats.
James Rice, VP of Product Marketing at Protegrity
The role of the Chief Information Security Officer (CISO) is evolving rapidly in response to the growing complexity of both cybersecurity and data challenges. The rise of Generative AI introduces unique risks and vulnerabilities that traditional legacy security models struggle to support. Surrounding or locking down data with more layers of security is not enough.
This shift necessitates embedding AI-specific security capabilities, designed to safeguard unstructured data, ensure robust data-in-motion protection, and provide continuous compliance across a broader set of user interactions to mitigate both legal and operational risks.
The AI-driven workflows, from Retrieval-Augmented Generation (RAG) pipelines to dynamic chatbots, are accelerating data interactions at an unprecedented rate. However, this surge in activity exposes critical gaps in security governance and data ownership, heightening risks of breaches and unintended data exposure, leaving companies vulnerable to breaches. Traditional security models struggle to rely on unstructured data – documents, images, emails and chat logs – that fuel AI systems, making robust protection strategies more essential than ever.
Unlike conventional data storage models that focus on at-rest data security, AI applications constantly process and transform data in motion. The dynamic nature of this data flow makes it difficult to enforce consistent security